Introduction
Over time, information technology has grown dramatically in scope and complexity, now seeing use throughout most of the world. As a result, the value of cyberspace targets has increased substantially, attracting various malicious agents that are motivated by profit or other factors. They have developed a variety of different attack methods and techniques, abandoning ones that proved ineffective due to new defense measures and adopting innovative ones as vulnerabilities and opportunities were discovered. It is the cyber defense specialist’s task to remain aware of the latest threats and issues in security so that they can prepare for potential attacks and be ready to respond to them. This essay will discuss some current vulnerabilities and problems, notably those associated with hardware, software, data storage, and human factors.
Hardware
Many defense measures are implemented at the software level because implementing them in hardware would increase the cost dramatically while slowing operations down. As a result, if the attacker can gain access to information on the hardware level, they can potentially exercise a substantial degree of control and extract unsecured information. Moreover, Waterfield (2020) highlights an issue in Intel’s encryption methods that allows for undetectable attacks and cannot be fixed, leading to recommendations of turning the feature off altogether. While the vulnerability requires that the attacker have physical access to the device that is being exploited, many others do not.
This situation is reflective of the overall issues with hardware vulnerabilities, which tend to be potentially highly dangerous and challenging to address. However, it is also indicative of the reasons why hardware attacks are relatively uncommon. It is challenging to bypass the virtualization provided by the software and gain direct access to the information that is being processed at the lowest level. Moreover, that information would be stored in machine code, making it difficult to process and use for practical purposes. Nevertheless, cybersecurity specialists should remain vigilant and ensure that hardware remains an unattractive target to potential attackers via extensive protection measures.
Software
A typical cybernetic system will have a large variety of software running on it, both to perform its principal operations and to protect the overall framework. Much of this software has to be accessible from outside because its purpose involves such communication. This access creates the potential for vulnerabilities that emerge due to bugs or developer oversights, potentially letting the software be used for unintended purposes. Popular software is often researched by dedicated attackers in isolated environments, enabling them to discover weaknesses and train to exploit them in secrecy. As a result, software-based attacks can take place quickly and have devastating effects, which makes them particularly dangerous.
A particularly problematic recent development in this area is the emergence of dedicated agencies that aim to conduct cyberattacks for motives other than profit. Such organizations have resources beyond what most profit-oriented criminals can amass, enabling them to take on high-value targets. Skopik (2017) states that these groups engage in strategic actions known as advanced persistent threats (APTs), using a variety of strategies over time to attack targets and repeatedly secure high-profile company and government secrets. Such attacks encompass the entire scope of the organization, exploiting numerous vulnerabilities and adapting to defender responses. With unique approaches enabled by the attacking agencies’ size and power, extensive defensive responses and software security advances are needed to combat the problem.
Stored Data
Data is often the focus of attacks by malicious parties, as it can be sensitive and valuable. User credentials enable the attacker to impersonate said users, while their personal information can be used for financial gain through either selling it or using it to perform fake financial transactions. Internal company and government agency information can be invaluable for purposes of espionage by competing businesses and other nations. As such, companies should ensure that their data is stored safely and securely, protected from attacks. However, due to the amount of information that is typically stored in an electronic system, there will often be oversights that can be dangerous.
Organizations routinely fail to protect sensitive information, creating gaps that malicious parties can exploit. Newman (2019) discusses an incident where Google, a leading IT company, had been storing some of its users’ passwords without encryption or other forms of protection for 14 years, noting that Twitter and Facebook have had similar issues. Additionally, stories of personal information theft from companies that work with clients financially emerge regularly, putting the financial well-being of these people at risk. Since large and specialized businesses such as these struggle to secure their data storage, it is prudent to assume that many other networks will have similar issues.
Human Factors
Possibly the most important aspect of any security system is that it can be bypassed if the appropriate steps are taken, often by inputting the correct key. If a third party can obtain said key, it can then access the system for its purposes, whether they are nefarious or otherwise. As such, attackers have been making efforts to obtain login information from its legitimate owners through a variety of means. The practice has gained the name “social engineering,” as it exploits implicit biases with techniques that circumvent a person’s standard thought process to produce the desired outcome.
By definition, social engineering works with people, and the number of general approaches is small, while the variation between individual cases can be substantial. Hadnagy (2018) lists two primary techniques: impersonation and phishing (which are then subdivided based on the medium used, with SMS phishing and voice phishing named SMiShing and vishing, respectively). The former involves a person pretending to be someone else to obtain the needed response from the target, sometimes succeeding. On the other hand, phishing is much more dangerous, as it involves pretending to represent a trustworthy entity to which the person will give their information freely. Workers should be educated extensively on the methods that can be used and stay vigilant at all times.
Conclusion
Numerous threats affect information systems on a day-to-day basis and enable third parties to cause substantial damage. Both hardware and software have vulnerabilities that can be exploited while remaining relatively unknown to the target. Data storage oversights can cause billions of dollars in damage, and so can carelessness on the part of the trusting worker. The problem with many of these threats is that they cannot be detected or stopped until after the attack has taken place. As such, proactive solutions should be considered, with companies and organizations shutting down threats before they can cause harm. However, such actions are complex and highly challenging, and continuous self-review remains essential to detect and correct issues.
References
Hadnagy, C. (2018). Social engineering: The science of human hacking (2nd ed.). Wiley.
Newman, L. H. (2019). Google has stored some passwords in plaintext since 2005. Wired.
Skopik, F. (Ed.). (2017). Collaborative cyber threat intelligence: Detecting and responding to advanced cyber attacks at the national level. CRC Press.
Waterfield, S. (2020). New Intel CSME CPU bug is ‘unfixable’ security vulnerability affecting chipsets released over last five years. Newsweek.